Details of VAR-202404-3491

ID

VAR-202404-3491

CVE

CVE-2024-2742

TITLE

Planet IGS-4215-16T2S IP address function command injection vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-11674

DESCRIPTION

Operating system command injection vulnerability in Planet IGS-4215-16T2S, affecting firmware version 1.305b210528. An authenticated attacker could execute arbitrary code on the remote host by exploiting IP address functionality. Planet IGS-4215-16T2S is an industrial-grade switch device

Trust: 1.44

sources: NVD: CVE-2024-2742 // CNVD: CNVD-2025-11674

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-11674

AFFECTED PRODUCTS

vendor:

planet

model:

igs-4215-16t2s 1.305b210528

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2025-11674

CVSS

SEVERITY

CVSSV2

CVSSV3

cve-coordination@incibe.es:	CVE-2024-2742
value:	MEDIUM
Trust: 1.0
CNVD:	CNVD-2025-11674
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-11674
severity:	MEDIUM
baseScore:	5.9
vectorString:	AV:L/AC:H/AU:M/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	MULTIPLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.2
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cve-coordination@incibe.es:	CVE-2024-2742
baseSeverity:	MEDIUM
baseScore:	6.4
vectorString:	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.5
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-11674 // NVD: CVE-2024-2742

PROBLEMTYPE DATA

problemtype:

CWE-78

Trust: 1.0

sources: NVD: CVE-2024-2742

PATCH

title:

Patch for Planet IGS-4215-16T2S IP address function command injection vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/694781

Trust: 0.6

sources: CNVD: CNVD-2025-11674

EXTERNAL IDS

db:	NVD	id:	CVE-2024-2742	Trust: 1.6
db:	CNVD	id:	CNVD-2025-11674	Trust: 0.6

sources: CNVD: CNVD-2025-11674 // NVD: CVE-2024-2742

REFERENCES

url:

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-planet-igs-4215-16t2s

Trust: 1.6

sources: CNVD: CNVD-2025-11674 // NVD: CVE-2024-2742

SOURCES

db:	CNVD	id:	CNVD-2025-11674
db:	NVD	id:	CVE-2024-2742

LAST UPDATE DATE

2025-06-09T23:26:59.392000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-11674	date:	2025-06-06T00:00:00
db:	NVD	id:	CVE-2024-2742	date:	2024-04-11T12:47:44.137

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-11674	date:	2025-06-06T00:00:00
db:	NVD	id:	CVE-2024-2742	date:	2024-04-11T01:25:34.950